Escalating Low Severity Bugs To High Severity

This time I am going to share some ways I have learned and applied while participating in bounty programs to escalate low-severity issues to higher severity. Let's go straight to the technical details:

Note:
You might also be able to use a window object instead of an iframe in the cases I mention below, but it's better to use an iframe rather than a window to be stealthier and need the least user interaction, though it requires clickjacking to be present too.

Case #1. Self-Stored XSS and Login-Logout CSRF:

Pre-Requisites:
1.) The victim must be logged in to the application
2.) Some kind of sensitive information about the currently authenticated user should be present on some page (via Web API etc.)

Attacker has a Self-Stored XSS in the Profile Description:

Attack Summary:
1. Victim Visits Attacker's Page
2. Create 2 Iframes
Frame #1 (VICTIM) pointing to the sensitive info page (e.g. credit cards, API keys, secrets, password hashes, messages etc. which is onl…
